How to remove NvidiaHel.exe
- File Details
- Overview
- Analysis
NvidiaHel.exe
The module NvidiaHel.exe has been detected as Trojan.CoinMiner
File Details
| MD5: |
22ff2c38160148ab6b65ecf79f23b75b |
| Size: |
20 MB |
| First Published: |
2020-05-26 23:32:59 (3 years ago) |
| Latest Published: |
2021-03-26 21:44:18 (3 years ago) |
| Status: |
Trojan.CoinMiner (on last analysis) |
|
| Analysis Date: |
2021-03-26 21:44:18 (3 years ago) |
| %commonappdata%\win32 |
| %commonappdata%\win32 |
| %commonappdata%\win32 |
| %commonappdata%\win32 |
| %commonappdata%\win32 |
| %commonappdata%\roguekiller |
| %commonappdata%\win32 |
| %commonappdata%\win32 |
| %commonappdata%\win32 |
| %commonappdata%\win32 |
|
40.0% |
|
|
20.0% |
|
|
20.0% |
|
|
10.0% |
|
|
10.0% |
|
| Windows 10 |
90.0% |
|
| Windows 7 |
10.0% |
|
Analysis
| Subsystem: |
Windows CUI |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000140000000 |
| Entry Address: |
0x039d90c3 |
| Name |
Size of data |
MD5 |
| .text |
0 |
00000000000000000000000000000000 |
| .rdata |
0 |
00000000000000000000000000000000 |
| .data |
0 |
00000000000000000000000000000000 |
| .pdata |
0 |
00000000000000000000000000000000 |
| .nv_fatb |
0 |
00000000000000000000000000000000 |
| .nvFatBi |
0 |
00000000000000000000000000000000 |
| .tls |
0 |
00000000000000000000000000000000 |
| .gfids |
0 |
00000000000000000000000000000000 |
| KKLAdnw0 |
0 |
00000000000000000000000000000000 |
| KKLAdnw1 |
21410304 |
51ab2feae3c417e435d5de345a76ede2 |
| .reloc |
512 |
ed23dc0faacc05673fa7afeaf6fac7aa |
